CVE-2005-2319

{"id": "CVE-2005-2319", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-07-19T04:00:00.000", "references": [{"url": "http://phpyawp.com/yawiki/index.php?page=ChangeLog", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/16049", "source": "cve@mitre.org"}, {"url": "http://www.hardened-php.net/advisory-102005.php", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/404948", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/14237", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://phpyawp.com/yawiki/index.php?page=ChangeLog", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/16049", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.hardened-php.net/advisory-102005.php", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/404948", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/14237", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "PHP remote file include vulnerability in Yawp library 1.0.6 and earlier, as used in YaWiki and possibly other products, allows remote attackers to include arbitrary files via the _Yawp[conf_path] parameter."}, {"lang": "es", "value": "Vulnerabilidad de inclusi\u00f3n de fichero PHP en Yawp library 1.0.6 y anteriores, usado en YaWiki y posiblmente otros productos permite que atacantes remotos incluyan ficheros arbitrarios mediante el par\u00e1metro \"_Yawp\"."}], "lastModified": "2024-11-20T23:59:17.817", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:yawp:yawp:1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "009BF752-A979-4848-AC14-00EA4CCD7EFC"}, {"criteria": "cpe:2.3:a:yawp:yawp:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D30FB58-3081-4976-A549-FC0710E04CF7"}, {"criteria": "cpe:2.3:a:yawp:yawp:1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A7E5AC1-49B0-4FDE-B709-311EF5A71B0F"}, {"criteria": "cpe:2.3:a:yawp:yawp:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "681CC1AA-6CFA-4B30-9A06-CAF8EA2AF65D"}, {"criteria": "cpe:2.3:a:yawp:yawp:1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D94115A6-38F8-4C60-AB31-3BA0F5F0A74F"}, {"criteria": "cpe:2.3:a:yawp:yawp:1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5B35787-7B3E-4FFF-9B7A-7693F4EFA7CF"}, {"criteria": "cpe:2.3:a:yawp:yawp:1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2363BA40-E459-4E82-8A37-A5FBE7D48E4F"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}